Cyber Security – Employees Training

It’s essential to establish policies and procedures to minimize risk in this era of hyper-connectedness and, unfortunately, a burgeoning global cybercrime industry. One specific area on which to focus is your employees.

Empowering your employees to recognize common cyber threats can be beneficial to your organization’s computer security. Security awareness training teaches employees to understand vulnerabilities and threats to business operations. Your employees need to be aware of their responsibilities and accountabilities when using a computer on a business network.

New hire training and regularly scheduled refresher training courses should be established in order to instill the data security culture of your organization. Employee training should include, but not be limited to:

Responsibility for Company Data

Continually emphasize the critical nature of data security and the responsibility of each employee to protect company data. You and your employees have legal and regulatory obligations to respect and protect the privacy of information and its integrity and confidentiality.

Document Management and Notification Procedures

Employees should be educated on your data incident reporting procedure in the event an employee’s computer becomes infected by a virus or is operating outside its norm (e.g., unexplained errors, running slowly, changes in desktop configurations, etc.). They should be trained to recognize a legitimate warning message or alert. In such cases, employees should immediately report the incident so your IT team can be engaged to mitigate and investigate the threat.

Passwords

Train your employees on how to select strong passwords. Passwords should be cryptic so they cannot be easily guessed but also should be easily remembered so they do not need to be in writing. Your company systems should be set to send out periodic automatic reminders to employees to change their passwords.

Unauthorized Software

Make your employees aware that they are not allowed to install unlicensed software on any company computer. Unlicensed software downloads could make your company susceptible to malicious software downloads that can attack and corrupt your company data.

Internet Use

Train your employees to avoid emailed or online links that are suspicious or from unknown sources. Such links can release malicious software, infect computers and steal company data. Your company also should establish safe browsing rules and limits on employee Internet usage in the workplace.

Email

Responsible email usage is the best defense for preventing data theft. Employees should be aware of scams and not respond to email they do not recognize. Educate your employees to accept email that:

  • Comes from someone they know.
  • Comes from someone they have received mail from before.
  • Is something they were expecting.
  • Does not look odd with unusual spellings or characters.
  • Passes your anti-virus program test.

Social Engineering and Phishing

Train your employees to recognize common cybercrime and information security risks, including social engineering, online fraud, phishing and web-browsing risks.

Social Media Policy

Educate your employees on social media and communicate, at a minimum, your policy and guidance on the use of a company email address to register, post or receive social media.

Mobile Devices

Communicate your mobile device policy to your employees for company-owned and personally owned devices used during the course of business.

Protecting Computer Resources

Train your employees on safeguarding their computers from theft by locking them or keeping them in a secure place. Critical information should be backed up routinely, with backup copies being kept in a secure location. All of your employees are responsible for accepting current virus protection software updates on company PCs.

TLS 1.3 – History and What is new

What is TLS?

TLS is a protocol that provides a way for two parties to establish a secure communication channel between them.

That’s it.

But keep in mind that achieving this is no small feat. Look at TLS’ vulnerability history to see how hard it is.

TLS makes establishing a secure communication channel possible by providing three key services:

  • Confidentiality: ensures that data exchanged between peers is kept secret from third-parties. This is especially important for sensitive data, like passwords, credit cards, and the embarrassing contents of our shopping carts. Confidentiality is the characteristic that is most commonly associated with TLS, and its purpose is usually well understood;
  • Integrity: makes sure that data transmitted between peers is reliable and not tampered with during transit. Note that in the context of TLS, “integrity” refers to message authentication;
  • Authentication: ensures that clients communicate with legitimate servers. This is fundamental for assuring both confidentiality, and integrity, by providing trustworthy keying material for encryption and message authentication. Note that authentication and integrity are always important, whether the transmitted data is confidential or not. Optionally, TLS can also be used to authenticate clients, e.g. through client certificates, but this is less common;

Why do we need TLS?

One common criticism against TLS is that “TLS is slow”; for the vast majority of use cases, it is a misconception, even more so in TLS 1.3.

Another argument is that “All information on my website is public, so I do not need TLS”. A service providing public information may not require confidentiality, but authentication and integrity should never be optional. Otherwise, a user visiting an unprotected website has no guarantees about the authenticity of the information contained on it. The user may be attacked or, at best, annoyed by a potential man-in-the-middle — think Wi-Fi networks, or less ethical ISPs.

Some possible attack scenarios follow.

  • Subtly change a small, but critical, piece of information on a website. Such as a bank account number, cryptocurrency wallet address, phone number, email, and others;
  • Launch an “opportunistic cryptojacking” attack by injecting cryptocurrency mining code on the original webpage;
  • Redirect the victim to a phishing page to steal their credentials;
  • Inject ads and analytics/tracking javascript.

A brief TLS timeline

In the beginning, there was SSL 1.0. Not much public information is available. According to one source, several design flaws, such as missing data integrity and no replay protection, prevented SSL 1.0 from seeing the light of day;
SSL 2.0, the first public version, is eventually released in March 1995, as part of Netscape Navigator 1.1 browser. Several security issues are found, such as cipher downgrade and length-extension attacks;
SSL 3.0 is released in March 1996, with Netscape Navigator 2, fixing several vulnerabilities found in SSL 2.0;
TLS 1.0, a.k.a. SSL 3.1, is released in January 1999, after a standardization effort by the IETF. It is an incremental evolution over SSL 3.0, bringing no dramatic changes;
TLS 1.1 is released in April 2006. It includes mitigations to attacks on CBC ciphers. One particular change, explicit initialization vectors, will eventually prevent BEAST, five years into the future;
TLS 1.2 is released in August 2008. Changes include support for authenticated encryption with associated data (AEAD) ciphers, like AES-GCM, and stricter protocol validations;
TLS 1.3 is released in August 2018. There are many major differences from TLS 1.2, to the point that some believe it should be called TLS 2.0. We will briefly cover them below.

What is new in TLS 1.3

1. Perfect-forward secrecy is now mandatory.
2. TLS 1.3 comes with a redesigned, safer and faster 1-RTT handshake. In TLS 1.3, after the initial handshake messages, everything is encrypted. This means that even server certificates are encrypted.
3. A ton of stuff was removed: renegotiation, compression, and many legacy algorithms: DSA, RC4, SHA1, MD5, CBC MAC-then-Encrypt ciphers.
4. Supposedly a lot more resilient against downgrade attacks.
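
To make the removals in item 3 concrete, the following added example (not code from the original article) audits a list of OpenSSL-style cipher suite names and reports which legacy feature would keep each one out of TLS 1.3, then builds a Python client context that refuses anything older. The sample suite list is constructed, and the function names are illustrative assumptions.

```python
import ssl

# Tokens of OpenSSL-style suite names (as printed by `openssl ciphers` or a scanner).
AEAD_TOKENS = {"GCM", "CCM", "CCM8", "CHACHA20", "POLY1305"}
PFS_KEY_EXCHANGES = {"ECDHE", "DHE"}  # only these prefixes are treated as forward secret


def audit_suite(name):
    """Return the reasons a TLS <= 1.2 suite has no place in TLS 1.3."""
    if name.startswith("TLS_"):  # TLS 1.3 suites: AEAD only, (EC)DHE key exchange
        return []
    tokens = name.split("-")
    findings = []
    if tokens[0] not in PFS_KEY_EXCHANGES:
        findings.append("no forward secrecy (key exchange is not ECDHE/DHE)")
    if "DSS" in tokens:
        findings.append("DSA authentication")
    if "RC4" in tokens:
        findings.append("RC4 stream cipher")
    elif not AEAD_TOKENS & set(tokens):
        # OpenSSL names omit "CBC"; a block cipher without an AEAD mode is CBC.
        findings.append("CBC MAC-then-Encrypt mode")
    if tokens[-1] == "MD5":
        findings.append("MD5 MAC")
    elif tokens[-1] == "SHA":  # a bare "-SHA" suffix means HMAC-SHA1
        findings.append("SHA1 MAC")
    return findings


def audit_server(offered):
    """Map each offered suite that TLS 1.3 would reject to its findings."""
    return {s: f for s in offered if (f := audit_suite(s))}


def tls13_only_client_context():
    """Client context that refuses to negotiate anything below TLS 1.3."""
    ctx = ssl.create_default_context()  # certificate and hostname checks stay on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    return ctx


# Constructed sample: suites a hypothetical scan reported for one server.
SAMPLE_OFFERED = [
    "TLS_AES_256_GCM_SHA384", "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-CHACHA20-POLY1305", "ECDHE-RSA-AES256-SHA384",
    "AES128-SHA", "DHE-DSS-AES256-SHA", "RC4-MD5",
]

if __name__ == "__main__":
    for suite, reasons in audit_server(SAMPLE_OFFERED).items():
        print(f"{suite}: {'; '.join(reasons)}")
```
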

WANNACRY RANSOMWARE

WannaCry, which spanned more than 150 countries, leveraged some of the leaked NSA tools. In May, the ransomware targeted businesses running outdated Windows software and locked down computer systems.

The hackers behind WannaCry demanded money to unlock files. More than 300,000 machines were hit across numerous industries, including health care and car companies.

Why did WannaCry ransomware take down so many businesses? They were running “legacy software,” or old, outdated technology that no longer receives software updates.

The vulnerability WannaCry exploits lies in the Windows implementation of the Server Message Block (SMB) protocol. The SMB protocol helps various nodes on a network communicate, and Microsoft’s implementation could be tricked by specially crafted packets into executing arbitrary code.

Even if a PC has been successfully infected, WannaCry won’t necessarily begin encrypting files. That’s because, as noted above, it first tries to access a very long, gibberish URL before going to work. If it can access that domain, WannaCry shuts itself down. It’s not entirely clear what the purpose of this functionality is. Some researchers believed this was supposed to be a means for the malware’s creators to pull the plug on the attack. However, Marcus Hutchins, the British security researcher who discovered that WannaCry was attempting to contact this URL, believes it was meant to make analysis of the code more difficult.

Ironically, the patch needed to prevent WannaCry infections was actually available before the attack began: Microsoft Security Bulletin MS17-010, released on March 14, 2017, updated the Windows implementation of the SMB protocol to prevent infection via EternalBlue. However, despite the fact that Microsoft had flagged the patch as critical, many systems were still unpatched as of May of 2017 when WannaCry began its rapid spread.

TRENDS IN CYBERSECURITY 2018

2018 is coming to a close. So far, here are some of the most noteworthy trends in the ever-changing world of cyber security.

  1. The rise of attacks on critical infrastructure — Cases of cyberthreats affecting critical infrastructure made major headlines in 2017. One of the most significant was Industroyer, the infamous malware responsible for the 2016 attack on Ukraine’s power grid. Attacks on critical infrastructure can also affect much more than just the power grid and could include the defense and healthcare sectors, water, transportation, and both critical manufacturing and food production. Organizations are working hard on security but ever-changing conditions mean that threats are likely to continue through 2018.
  2. Supply chain issues — Large companies are waking up to the threat of cyberattacks with security teams receiving increased backing to improve measures. But SMEs continue to struggle with these new concerns, and since they may also supply goods and services to larger organizations, security gains are often negatively impacted. These types of supply chain problems affected the entertainment industry earlier in 2017; among the incidents included was the attempted extortion of Netflix over a new season of the series “Orange Is the New Black.” This should remind us that supply chain security can affect any industry, and is likely to continue in 2018.
  3. Increased cooperation between law enforcement and cybersecurity experts — Malware research has proved useful to law enforcement in the war on cybercrime. A key example is a recent collaboration between ESET, Microsoft, and law enforcement agencies, including the FBI and Interpol, working together to take down a major botnet operation known as Gamarue. Increased cooperation will lead to more arrests and fewer active cybercriminals. As authorities continue to gain experience working with private cybersecurity specialists, we can look toward further successful investigations and a potentially safer 2018.
  4. Democracy hack: Can electoral processes be protected? Recent elections have raised numerous cybersecurity questions – the most important being to what extent a cyberattack can influence the electoral process. As discussed in the report, evidence suggests we must look toward a hybrid system using both paper and electronic records if we are to mitigate fraud by cybercriminals.
  5. Our privacy in the new age of tech — Data is the new currency, with consumers expecting to enjoy software at little or no cost. This has led vendors to enter the data-collection business, increasing the risks connected with data privacy. Advancements in IoT can lead in a similar direction with every device capable of telling a story and producing a full picture of the user’s life if multiple connected devices are combined.

WELL KNOWN COMPUTER WORMS AND VIRUSES

Netsky and Sasser – Netsky spread via e-mail and Windows networks, creating large amounts of Internet traffic and causing Denial of Service (DoS) attacks. At the time, Netsky and all its variants were believed to have accounted for as many as 25 percent of all computer viruses on the Internet. Sasser replicated by finding other systems with vulnerabilities and forcing them to download the virus. Once it was on a new machine, it altered the operating system to make it difficult for users to shut down their computer.

  • Released in February and April 2004 respectively.
  • Created by 17-year old Sven Jaschan.
  • One of the few viruses to be tracked back to their creator.

SQL Slammer – A prolific web server virus, the Slammer (also known as Sapphire) infected nearly half of the servers that help run the Internet 15 minutes after its initial attack.

  • Released in January 2003.
  • Affected computer networks and systems, causing shutdowns and a range of damage estimated at over $1 billion.
  • Caused Bank of America ATM service to crash, interruptions in Seattle’s 911 service, and more.

Nimda – Spreading through e-mail and Web pages, this worm targeted Internet servers, slowing Internet performance nearly to a halt. It also opened a backdoor to the computer’s operating system, allowing a hacker access to the computer. However, access was limited by user account permissions.

  • Released in 2001.
  • Name is the word “admin” spelled backward.
  • Fastest spreading computer virus in history.

ILOVEYOU – Traveled through e-mail as a message from a secret admirer. When users downloaded the attachment called WIN-BUGSFIX.EXE, the virus would copy and embed itself in key files, including Registry keys.

  • Suspected to have been created by Onel de Guzman (Philippines) in 2000.
  • Initially spread through e-mail and later through IRC clients.
  • Damage caused by the virus was estimated at around $10 billion.

The original email virus, ILOVEYOU caused “massive estimated financial damage, with millions of computers infected,” according to Golden Richard III. The email masqueraded as a love letter from a contact in a user’s email address book, and prompted the user to open an attachment containing the virus. Beginning on March 4th, 2000, the virus infected over 50 million computers in only nine days, and caused the CIA and the Pentagon to shut down their computers.

CODE RED

Named after the Mountain Dew drink favored by the first researchers to analyze the program, this worm first broke out in July, 2001, infecting as many as 360,000 computers in a single day. According to Richard III, the infection proved so hard to stop because the worm would continually re-infect the same computer it had been cleaned from. The worm attacked Microsoft IIS servers, and caused massive denial of service problems as it ate up computing resources and IT personnel time.

Conficker

Conficker, also known as Downup, Downadup, and Kido, is a type of computer virus that usually targets the Microsoft Windows operating system. The virus was first identified in November 2008. It uses flaws in the Windows operating system to fetch the administrator password via dictionary attacks while forming a botnet. It infected millions of computers, including government, business and home computers, in over 190 countries.
